If there's one Microsoft policy that has drawn the ire of IT managers over the course of its Windows 10 rollout, it's the company's decision to require that all users install cumulative updates without control over which packages a system receives.

It's such a point of contention that a group of thousands of grumpy customers have petitioned company CEO Satya Nadella to change Windows 10 update practices.

Customers want more control over what's added to their systems, but they're also concerned about what happens when they can't avoid installing an update that breaks key functionality. Cumulative updates include all the updates Microsoft has released for the branch of Windows 10 a customer is using.

Microsoft thinks giving out cumulative updates is better than its previous model of allowing IT managers and users to decide which patches they want to install piecemeal, Joe Belfiore, a corporate vice president for the company's Operating Systems Group, said in an interview. He bases this view on conversations with IT pros about using cumulative updates.

"We've involved a lot of companies and real-world IT management organizations in talking through the implications ... and our feeling talking with them is that the net result that you get is better," he said. "We've seen lots of examples of situations where end users experienced lower reliability or unpredictable system performance because of a relatively untested combination of updates. So our net intent is to improve the quality overall, for everybody. And we believe that this method will deliver that."

Providing cumulative updates allows Microsoft to more effectively test new updates against what they're being installed on top of, rather than having to worry about a bunch of different versions of Windows, each with different capabilities. What's more, it's beneficial to developers, since they're then building apps for a less fragmented ecosystem.

Of course, that will be cold comfort to those people whose computers stop working because of a faulty update, or those who have to suffer through a bug that's annoying but ultimately not show-stopping.

Some of the consternation about mandatory cumulative updates may stem from the lack of tools to mitigate potential problems caused by a bad update. Microsoft has promised to roll out a Windows Update for Business service that will allow IT professionals to set up a group of deployment rings in their organization to slowly test the rollout of a new update, but it won't be fully available until next year. Microsoft will also launch a pair of additional deployment rings with delayed patch roll-outs, including a Current Branch for Business that will be four months behind the most recent consumer release of Windows.

Microsoft will also offer Long-Term Servicing Branches that will allow IT managers to restrict certain devices to only receive security updates after installing Windows 10. That's not designed for use in all the computers in an organization, however, despite providing more control.

Until any of those new features come to pass, there is one option for those people worried about Microsoft's update policy: cross their fingers and trust the folks in Redmond.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.